Trend Micro Deep Discovery Training Advanced Threat Detection 2.0 for Certified Professionals

Arrow ECS
Course summary
Duration: 3 days
Price: 21 500 SEK excl. VAT
Next session: 2018-08-27 - Remote / Online
Location: Remote / Online, Stockholm
Training provider: Arrow ECS
Upcoming start dates
Remote / Online: 2018-08-27, 21 500 SEK
Remote / Online: 2018-10-29, 21 500 SEK
Stockholm: 2018-10-29, 21 500 SEK

Course Description

Trend Micro™ Deep Discovery Training for Certified Professionals is a three-day, instructor-led training
course where participants will learn how to deploy and manage a Trend Micro™ Deep Discovery threat protection solution using:

• Trend Micro™ Deep Discovery Inspector
• Trend Micro™ Deep Discovery Analyzer
• Trend Micro™ Deep Discovery Email Inspector

Participants explore key concepts and methodologies of using a blend of Deep Discovery solutions for a
more complete approach to network security. This course details the architecture, deployment options,
threat management and system administration fundamentals, as well as troubleshooting and best
practices, for all three products.
This course incorporates a variety of hands-on lab exercises allowing participants to put the lesson
content into action.
This course is taught by Trend Micro-certified trainers. Upon completion of this course, participants may
choose to complete the certification examination to obtain designation as a Trend Micro Certified
Professional for Deep Discovery.

 

 

Target Audience
This course is designed for IT professionals who are responsible for protecting networks from any
kind of networked, endpoint, or cloud security threats.
The individuals who will typically benefit the most include:

• System administrators
• Network engineers
• Support Engineers
• Integration Engineers
• Solution & Security Architects

 

 

Course Prerequisites
Before you take this course, Trend Micro recommends that you have a working knowledge of their
products and services, as well as basic networking concepts and principles.
You should also have a working knowledge of the following products:

• Windows servers and clients
• Firewalls, Web Application Firewalls, Packet Inspection devices
• General understanding of malware

Participants are required to bring a laptop computer with a screen resolution of at least 1980 x 1080;
a display size of 15" or above is recommended.

 

Course Topics
Course topics are divided into the following lessons.

 

Introduction
• Evolving Threats
• Anatomy of a Targeted Attack
• Point of Entry - Spear Phishing
• How Long Can Targeted Attacks Stay Hidden?
• Why Monitor Your Network?
• Why Deep Discovery?

 

Deep Discovery Solution Overview
• What is Deep Discovery?
• Deep Discovery Attack Detection
• Deep Discovery Threat Detection Overview
• Deep Discovery Solution Map
        - Trend Micro Deep Discovery Inspector
        - Trend Micro Deep Discovery Analyzer
        - Trend Micro Deep Discovery Email Inspector
        - Control Manager
        - Custom Threat Defense
        - Deep Discovery Director

 

Deep Discovery Inspector Overview
• Architecture
• Key Features and Benefits
• Network Setup
• Form Factors
• Deep Discovery Inspector Models
• Deep Discovery Inspector Requirements
• Installation Design
• Positioning Deep Discovery Inspector in the Network
• What’s new in Deep Discovery Inspector 3.8 SP5?

 

 

Deep Discovery Inspector Installation and Configuration
• Information Provisioning for Setup
• Defining Architecture and Traffic to Capture
• Obtaining ISOs, Hot Fixes/Patches
• Performing an Installation
• Configuring Initial System Settings (Pre-Configuration Console)
• Finalizing Deep Discovery Inspector Configuration (Web Console)
• Testing the Deployment
• Viewing Installation Logs
• Enabling IP Rewriting
• Connecting Deep Discovery Inspector to Deep Discovery Director

 

Threat Detect Technologies
• Acronyms
• Detection Logic
• Engines versus Detections
• Network Content Inspection Engine (NCIE / VSAPI)
• Advanced Threat Scan Engine (ATSE / VSAPI)
• Network Content Correlation Engine (NCCE / CAV)
• Virtual Analyzer
• Community File Reputation (Census)
• Certified Safe Software Service (CSSS / GRID)
• Trend Micro URL Filtering Engine (TMUFE)
• Network Reputation with Smart Protection Network
• Mobile Application Reputation Service (MARS)
• Summary - Detection Events and Actions

 

Virtual Analyzer
• Virtual Analyzer Functionality
• What is Virtual Analyzer Looking For?
• Virtual Analyzer Components
• Communications Flow for Samples
• Overall Sample Ratings and Risk Level
• Virtual Analyzer Outputs
• File Processing Time
• Supported File Types
• How to Explain a Malicious Result
• Sending Files to Virtual Analyzer for Analysis
• Virtual Analyzer Feedback in Deep Discovery Inspector
• Importing a Custom Sandbox into Deep Discovery Inspector for use by the Virtual Analyzer
• Troubleshooting

Deep Discovery Inspector Administration
• Default Accounts
• Dashboard
• Analyzing Detected Threats
• Running Reports and Obtaining Threat Detection Metrics
• Report Examples
• System Management and Configuration
• Accessing Log Files
• Monitoring System Performance and Resources

 

Deep Discovery Analyzer Product Overview
• Key Features
• Network Setup
• Form Factors
• Required Services and Port Information
• Uniquely Identifying Samples
• Integration
• What’s New in Deep Discovery Analyzer 5.8?

 

Deep Discovery Analyzer Installation and Configuration
• Information Provisioning
• Defining the Architecture
• Obtaining ISOs, Hot Fixes/Patches
• Performing the Installation
• Configuring Initial System Settings
• Configuring Final Settings for Deep Discovery Analyzer
• Testing the Deployment

 

Deep Discovery Analyzer Administration
• Accessing the Web Console
• Console Overview
• Analyzing Events
• Submitting Samples to Deep Discovery Analyzer
• Deep Discovery Analyzer Reports
• Managing Suspicious Objects List
• Exceptions
• Deep Discovery Analyzer Sandbox Management
• Reports
• Alerts
• System Management and Configuration

 

Deep Discovery Email Inspector
• Key Functionality
• Supported Hardware
• Deployment Modes
• Ports Used
• Summary of Operation Modes
• Threat Detection in Deep Discovery Email Inspector
• Engine Architecture Overview
• What’s New in Deep Discovery Email Inspector 2.6?
 

 

Deep Discovery Email Inspector Installation and Configuration
• Information Provisioning
• Defining the Architecture
• Obtain ISOs, Hot Fixes/Patches
• Performing the Installation
• Configuring Initial System Settings using the Pre-Configuration Tool
• Configuring Final Deep Discovery Email Inspector Settings
• Testing the Deployment
• Connecting Deep Discovery Email Inspector to Deep Discovery Director

 

Deep Discovery Email Inspector Administration
• Management Console Overview
• Analyzing Threat Detections
• Configuring Policies
• Setting up Recipient Notifications
• Defining Email Message Tags
• Configuring Redirects (Non-Scannable Attachments)
• Adding Policy Exceptions
• Configuring Alerts
• Generating Reports
• Accessing Log Files
• System Administration
• Performing System Maintenance Tasks

 

Threat Connect
• Content
• Using Threat Connect
• Report Content

 

Connected Threat Defense
• Integration is Key to Effective Security
• Connected Threat Defense Requirements
• Connected Threat Defense Components
• Integrating Deep Discovery Inspector with Control Manager
• Suspicious Objects Handling with Control Manager

Integration
• Open Architecture
• Deep Discovery Inspector Integration
• Integration with Syslog Servers and SIEM Systems
• Third-Party Blocking Integration
      - Check Point Open Platform for Security
      - HP TippingPoint Security Management System
      - IBM Security Network Protection
      - Palo Alto Firewalls
• Blue Coat ProxySG
• Deep Discovery Analyzer Integration

 

Appendix 1: Monitoring VM Traffic with Deep Discovery Inspector
• Overview
• vDS Remote Monitoring Feature
• Implementation
• Configuration

Investment

Price: 21 500 Kr
Course materials: Included

Arrow ECS

Arrow ECS Education – Training IT professionals

We offer you advanced IT training from world-leading vendors such as Citrix, F5, IBM, Juniper and VMware.

Are you looking for courses in Blue Coat, Check Point, Citrix, IBM, Infoblox, Juniper, Trend Micro, Veeam or VMware?

Then you have come to the right place!

Arrow ECS has delivered certified IT training for partners and end customers since 1992. We know the distribution of IT products and services and therefore understand the knowledge requirements of your business. The time and budget you spend on training should also give measurable results, and that is what we can give you.

Arrow ECS Education offers:

  • Instructors who also have practical experience as consultants
  • Open scheduled courses at our training center in Stockholm/Kista
  • In-house company courses at locations you choose, with course content adapted to you
  • Varied delivery methods: Classroom, Instructor Led Online, eLearning
  • Certification tests, as we are a Pearson VUE test center

At Arrow ECS Education we continuously expand our training portfolio, and today we can offer you a comprehensive training programme of product-specific as well as general courses for IT technicians/administrators and developers. If you are looking for quality courses in infrastructure, virtualization and networking/security, Arrow ECS is your obvious choice.


Contact details for Arrow ECS

Arrow ECS

Kronborgsgränd 23
164 46 Kista
